[Asterisk-Users] A solution for SIP and NAT

Michael Kane mkane at to-talk.com
Tue Jul 1 16:13:48 MST 2003


Get a trace using Ethereal when the phone boots up and look in the warning
field of the sip message, if it lists your firewall type as symetric theres
a good chance your out of luck using that firewall.  I'm a bit confused
regarding your port selection, as 3478 is cleared stated as the broadcast
port in the RFC.  I have a stun server running at sp01.to-talk.com or
140.186.104.157 if you want to make a quick test.  At the end of the day I'd
need to see a trace of what's going on between the client and server.  Let
me know if you need any additional help.

Mike


Michael Kane
To-Talk Communications LLC.
37 Sandusky Dr.
Wareham, Ma. 02571
508-295-2826
mkane at to-talk.com
----- Original Message ----- 
From: "Matteo Brancaleoni" <mbrancaleoni at espia.it>
To: <asterisk-users at lists.digium.com>
Sent: Tuesday, July 01, 2003 6:32 PM
Subject: Re: [Asterisk-Users] A solution for SIP and NAT


> Could you give some details about setting up a stun server?
> I'm doing some tests, and were successful using snom + stund
> from vovida . But I got a no-go with budgetones
> (that needs stund on a standard port that's 3478).
> When my snom contacts the stund server, I get a lot
> of info about the connection type, the ip, blah blah
> When the budgetone contacts it, I get only "Receive something len[20]"
> 3 times. Nothing more.
>
> Matteo.
>
> Scrive Michael Kane <mkane at to-talk.com>:
>
> > Hello, NAT/Firewall is truely a problem in the ITSP arena.  There is one
> > solution I know of that works well as an  integrated DHCP/NAT/Firewall
into a
> > SIP aware firewall.  Check out www.intertex.se  and look at the IXX66
> > products.  They even have a device that integrates DSL/NAT/Firewall.
Or, one
> > can purchase a SIP device that supports STUN(Grandstream and SNOM are
the
> > only vendors I know of that do) and install a STUN server.  If anyone is
> > interested I have a STUN server running to test with.  Hope this
helped....
> >
> > Mike
> >
> >
> >
> >
> > Michael Kane
> > To-Talk Communications LLC.
> > 37 Sandusky Dr.
> > Wareham, Ma. 02571
> > 508-295-2826
> > ----- Original Message ----- 
> > From: "John Todd" <jtodd at loligo.com>
> > To: <asterisk-users at lists.digium.com>
> > Sent: Tuesday, July 01, 2003 3:47 PM
> > Subject: Re: [Asterisk-Users] A solution for SIP and NAT
> >
> >
> > > I'm uncertain why you're not able to get SIP working for your user
> > > agents (SIP clients.)  With Cisco equipment, as an example, it works
> > > quite well and almost every 79xx or ATA-186 I have is behind a NAT,
> > > and this configuration is duplicated across a dozen or more systems
> > > now running behind almost every conceivable NAT/PAT situation*
> > >
> > > Known working config:
> > >
> > > UA -> (NAT) -> Internet -> Asterisk
> > >
> > > Can you be more specific about your problems with SIP?  Perhaps you
> > > have done so in the past, but re-state and maybe someone can see what
> > > the problem is.
> > >
> > > JT
> > >
> > >
> > > *Note: the Cisco PIX, while supposedly SIP-friendly, has been the one
> > > box that has not worked with NAT/PAT SIP sessions.  I have not been
> > > the admin on that system, but a fairly clueful Cisco wrangler has
> > > been unable to make it work for originating calls in both directions
> > > - only one-way origination works.)
> > >
> > >
> > > >Hi all.
> > > >
> > > >I have come to the conclusion that there just isn't anything out
there
> > > >for allowing SIP and NAT to work together nicely. This is rather
amazing
> > > >considering that as far back as March 2000 there are documents
> > > >describing how to do it.
> > > >
> > > >So I've started a really simple SIP and RTP proxy project, SaRP, on
> > > >sourceforge.net. Yesterday we uploaded 0.2 of the perl based release.
> > > >This is the first general release and should work for most people. We
> > > >are using it quite successfully for standard calls between all sorts
of
> > > >NATed clients. All you need to do is forward UDP/5060 from your
> > > >firewall/router to the box running SaRP if you want incoming calls to
> > > >work and also allow UDP traffic from the ports listed in the config
file
> > > >out.
> > > >
> > > >The project can be found at http://sarp.sourceforge.net/
> > > >
> > > >I would be very interested in any feedback you may have.
> > > >
> > > >Regards
> > > >
> > > >Andrew Radke.
> > > >_______________________________________________
> > > >Asterisk-Users mailing list
> > > >Asterisk-Users at lists.digium.com
> > > >http://lists.digium.com/mailman/listinfo/asterisk-users
> > >
> > > _______________________________________________
> > > Asterisk-Users mailing list
> > > Asterisk-Users at lists.digium.com
> > > http://lists.digium.com/mailman/listinfo/asterisk-users
> > >
>
>
> -- 
>
> Matteo Brancaleoni
> Espia System Administrator
> http://www.espia.it
>
> -------------------------------------------------
> This mail sent through IMP: http://horde.org/imp/
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
>




More information about the asterisk-users mailing list